Class: AwsMskIamSaslSigner::MSKTokenProvider

Inherits:

Object

• Object
• AwsMskIamSaslSigner::MSKTokenProvider

Defined in:

lib/aws-msk-iam-sasl-signer/msk_token_provider.rb

Defined Under Namespace

Classes: AuthToken, CallerIdentity

Constant Summary

ENDPOINT_URL_TEMPLATE =

"kafka.{}.amazonaws.com"

DEFAULT_TOKEN_EXPIRY_SECONDS =

900

LIB_NAME =

"aws-msk-iam-sasl-signer-msk-iam-sasl-signer-ruby"

USER_AGENT_KEY =

"User-Agent"

SESSION_NAME =

"MSKSASLDefaultSession"

Instance Method Summary

• #generate_auth_token(aws_debug: false) ⇒ Object
• #generate_auth_token_from_credentials_provider(credentials_provider) ⇒ Object
• #generate_auth_token_from_profile(profile) ⇒ Object
• #generate_auth_token_from_role_arn(role_arn, session_name = nil) ⇒ Object
• #initialize(region:) ⇒ MSKTokenProvider constructor

  A new instance of MSKTokenProvider.

Constructor Details

#initialize(region:) ⇒ MSKTokenProvider

Returns a new instance of MSKTokenProvider.

# File 'lib/aws-msk-iam-sasl-signer/msk_token_provider.rb', line 18

def initialize(region:)
  @region = region
end

Instance Method Details

#generate_auth_token(aws_debug: false) ⇒ Object

# File 'lib/aws-msk-iam-sasl-signer/msk_token_provider.rb', line 22

def generate_auth_token(aws_debug: false)
  credentials = CredentialsResolver.new.from_credential_provider_chain(@region)
  caller_identity = caller_identity(credentials, @region) if aws_debug
  url = presign(credentials, endpoint_url)
  AuthToken.new(
    urlsafe_encode64(user_agent(url)),
    expiration_time_ms(url),
    caller_identity
  )
end

#generate_auth_token_from_credentials_provider(credentials_provider) ⇒ Object

# File 'lib/aws-msk-iam-sasl-signer/msk_token_provider.rb', line 55

def generate_auth_token_from_credentials_provider(credentials_provider)
  raise "Invalid credentials provider" unless credentials_provider.respond_to?(:credentials)

  url = presign(credentials_provider, endpoint_url)
  AuthToken.new(
    urlsafe_encode64(user_agent(url)),
    expiration_time_ms(url)
  )
end

#generate_auth_token_from_profile(profile) ⇒ Object

# File 'lib/aws-msk-iam-sasl-signer/msk_token_provider.rb', line 33

def generate_auth_token_from_profile(profile)
  credentials = CredentialsResolver.new.from_profile(profile)
  url = presign(credentials, endpoint_url)
  AuthToken.new(
    urlsafe_encode64(user_agent(url)),
    expiration_time_ms(url)
  )
end

#generate_auth_token_from_role_arn(role_arn, session_name = nil) ⇒ Object

# File 'lib/aws-msk-iam-sasl-signer/msk_token_provider.rb', line 42

def generate_auth_token_from_role_arn(role_arn, session_name=nil)
  session_name ||= SESSION_NAME
  credentials = CredentialsResolver.new.from_role_arn(
    role_arn: role_arn,
    session_name: session_name
  )
  url = presign(credentials, endpoint_url)
  AuthToken.new(
    urlsafe_encode64(user_agent(url)),
    expiration_time_ms(url)
  )
end